Preparing for GDPR with Automate

Home / Preparing for GDPR with Automate

What is GDPR

“Accountability is at the centre of all this: of getting it right today, getting it right in May 2018, and getting it right beyond that.”

Elizabeth Denham

The General data protection regulation or GDPR legislation emphasises transparency, security and accountability by data controllers and processors, while at the same time standardising and strengthening the right of European citizens to data privacy.

Data Controller – Individual or Group that decides how data will be stored, collected or processed.

Data Processor – Individual or group that processes data on behalf of a data controller (Collecting, altering, transferring, using, storing data Etc)

The GDPR gives data protection authorities more robust powers to tackle non-compliance, including significant administrative fining capabilities of up to €20,000,000 (or 4% of total annual global turnover, whichever is greater) for the most serious infringements.

The GDPR also makes it considerably easier for individuals to bring private claims against companies when their data privacy has been infringed and allows data subjects who have suffered non-material damage as a result of an infringement to sue for compensation.

Rights for individuals under the GDPR include:

  • Subject Access
  • To have inaccuracies corrected
  • To have information erased
  • To object to direct marketing
  • To restrict the processing of their information, including automated decision-making
  • Data portability

Every organisation is Accountable for the personal data they hold and ensuring that this data is secure.

Get Ready for GDPR

Automate has a comprehensive menu of procedures and solutions, to enable you to make your organization process personal data fairly and in accordance with the law. Our solutions range from once off audits, file and data identification, file encryption, data lineage, and master data management to data protection-specific metadata management, and more.

GDPR in Numbers

7 Rights

7 core citizen rights afforded under GDPR, including the right to rapid notification of breach, explicit consent, the right to erasure, etc.

4 Percent

Potential fines can range from 2-4% of a company’s global revenue.

27k DPOs

Estimated number of new Data Protection Officers needed in Europe.

72 Hours

Timeframe given to report a data breach, including associated details.

150+ Requirements

Requirements for GDPR span governance, policies, processes, and technology.

1 Opportunity

A once-in-a-generation chance to holistically improve customer data management practices.

Step towards GDPR compliance with Automate





A common misconception is that just because you don’t hold or transact with members of the public that you do not hold any personal data. Essentially every business holds data on its own staff and this data is considered personal data as such needs to be protected.

The announcement of an agreement to finalize GDPR was made in December 2015 and following a vote by the EU parliament, the compliance deadline for GDPR was set for May 25th 2018.

There is no one size fits all solution for GDPR compliance. Different measures will need to be taken to ensure your organisation is compliant. The first steps begin with a GDPR readiness audit after which our security team will be able to advise you on whats next and the scope of works that need to be completed.

Data Controller
Individual or Group that decides how data will be stored, collected or processed.

Data Processor
Individual or group that processes data on behalf of a data controller (Collecting, altering, transferring, using, storing data Etc)

There is an ongoing requirement for all businesses to maintain their GDPR compliance into perpetuity. Unfortunately, the regulation is not just a point in time where businesses must be compliant but it sets out the terms under which organisations must remain compliant. The regulation also applies to all data collected in the past, present and future.

A common misconception from business to business organisations is that they do not hold any personal information. Organisations must also consider the internal data they hold on employee’s and that this data falls within the personal data classification and as such must be protected.

GDPR provides exceptions based on whether appropriate security controls are deployed within the organizations.
For example a breached organization that has rendered the data unintelligible through encryption to any person who is not authorized to access the data, is not mandated to notify the affected record owners.
The chances of being fined are also reduced if the organization is able to demonstrate a “ Secure Breach” has taken place.

Sinnott Hughes | Accountants & Auditors

We find Automate Technology extremely efficient. They are prompt, courteous, and their technical ability and knowledge is first class. We would recommend Automate Technology to any business looking for IT support.

Sinnott Hughes | Accountants & Auditors

What People Say ?

We have worked with Automate since May 2008. Since we started working with Automate the amount of time I’ve had to commit to IT issues has been dramatically reduced.

Automate manage the system in such a proactive way that potential problems are identified before they happen. These are dealt with at this stage which saves an awful lot of hassle. Previous to working with Automate we had numerous problems with our IT systems and our IT Server was down on quite a regular basis. This meant the system was often down for several hours which were both frustrating and expensive.

Eden Recruitment

What People Say ?

We’ve found Automate to be professional, customer friendly & have given us a strong, robust solution for all our IT requirements. Their engineers are courteous, helpful and always available at the end of a phone.

Irish College Of Psychiatry

What People Say?

We moved from a conventional service provider to Automates bespoke service. The main benefit to us of switching to Automate is that they have taken ownership of our IT system, an area that we do not specialise in. Their skill and expertise means that should a problem arise, they understand the issue and resolve to fix it as soon as possible while keeping us updated on progress. There hasn’t been a request that they haven’t been able to deliver on.

Axis Engineering